<?php
session_start();//验证登陆信息

include_once ("../config.php");
include_once '../connection.php';


//if($_POST['submit']){
	$username=$_POST['username'];
	$userpass=$_POST['userpass'];
    $userpass=md5($userpass);
	
	
	
//先判断接收的用户名，是否含有特殊字符。有的话，直接返回登陆框。
if(!preg_match("/^[0-9a-zA-Z]{3,12}$/",$username))
{
echo "<script language='javascript'>alert('用户名不存在！');location='/login';</script>";
}
			  
//开始判断用户信息
else
{



$user=select_one_line_all_items($table_Prefix."employee","mid= '".$username."'");


//判断用户是否存在
if(count($user)==0)
{
echo "
<script language='javascript'>alert('用户名不存在！');
location='/login';</script>";
}



//能找到用户信息
else
{


	if(($username==$user['mid'])&&($userpass==$user['mima'])&&($user['authority']=="是"))
	{
		$_SESSION['username']     = $user['name'];
		$_SESSION['department']   = $user['department'];
		$_SESSION['departmentid'] = $user['departmentid'];
		$_SESSION['mid']          = $user['mid'];
		$_SESSION['nid']          = $user['nid'] ;
		$_SESSION['quanxian']     = $user['quanxian'];
		$_SESSION['position']     = $user['position'];
		$_SESSION['wechat_openid']     = $_REQUEST['openid'];





//接收到openid并且未有openid的，同时还应该要写入openid到表格
		if(($_REQUEST['openid'])&&(!$user['wechat_openid']))
		{
			$_REQUEST['ai_wechat_openid']=$_REQUEST['openid'];
			//$_REQUEST['ai_nid']=$user['nid'];

			echo $sql=update_date($table_Prefix."employee",$_REQUEST,'nid',$user['nid']);
			$query = mysql_query($sql) or die ($sql);
			mysql_close($con);

			echo "<script language='javascript'>alert('绑定微信！');location='../controlbase/';</script>";
		}



echo "<script language='javascript'> location='../controlbase/';</script>";


}








//对于没有登录权限，但是又输入正确的账密的用户，我们就提供绑定。
	elseif(($username==$user['mid'])&&($userpass==$user['mima'])&&($user['authority']=="否"))
	{

			$_SESSION['username']     = $user['name'];
			$_SESSION['department']   = $user['department'];
			$_SESSION['departmentid'] = $user['departmentid'];
			$_SESSION['mid']          = $user['mid'];
			$_SESSION['nid']          = $user['nid'] ;
			$_SESSION['quanxian']     = $user['quanxian'];
			$_SESSION['position']     = $user['position'];
			$_SESSION['wechat_openid']     = $_REQUEST['openid'];



//接收到openid并且未有openid的，同时还应该要写入openid到表格
			if(($_REQUEST['openid'])&&(!$user['wechat_openid']))
			{
				$_REQUEST['ai_wechat_openid']=$_REQUEST['openid'];
				//$_REQUEST['ai_nid']=$user['nid'];

				echo $sql=update_date($table_Prefix."employee",$_REQUEST,'nid',$user['nid']);
				$query = mysql_query($sql) or die ($sql);
				mysql_close($con);

				echo "<script language='javascript'>alert('成功绑定微信！');location='../controlbase/';</script>";
			}



	}









else
	{

echo
"
<script language='javascript'>alert('无登陆权限 或 密码错误！');location='/login/';</script>
";
	}
}
}


	
	


?>
